feat: abstract credential store

2025-08-10 18:11:27 -04:00
parent c719b2573d
commit c505a4782b
3 changed files with 301 additions and 135 deletions
--- a/auth/oauth_common_handlers.py
+++ b/auth/oauth_common_handlers.py
@@ -14,7 +14,7 @@ from starlette.responses import JSONResponse, RedirectResponse
 from google.oauth2.credentials import Credentials

 from auth.oauth21_session_store import store_token_session
-from auth.google_auth import save_credentials_to_file
+from auth.google_auth import get_credential_store
 from auth.scopes import get_current_scopes
 from auth.oauth_config import get_oauth_config
 from auth.oauth_error_handling import (
@@ -181,7 +181,8 @@ async def handle_proxy_token_exchange(request: Request):
                                        )

                                        # Save credentials to file for legacy auth
-                                        save_credentials_to_file(user_email, credentials)
+                                        store = get_credential_store()
+                                        credentials = store.store_credential(user_email, credentials)
                                        logger.info(f"Saved Google credentials for {user_email}")
                                except jwt.ExpiredSignatureError:
                                    logger.error("ID token has expired - cannot extract user email")